DETAILED ACTION 

1. This Office Action is responding to the amendment dated on 06/02/2008. 

2. Claims 13-18 have been amended. Claim 21 is newly added. All other claims 
are as original. 

3. Claims 2-18 and 20-21 have been examined. 

4. Claims 2-18 and 20-21 are pending. 

Claim Objections 

5. Claim 13 is objected to because of the following informalities: 

The phrase, "the security resolver with the branding certificate ..." should be 
"a security resolver with the branding certificate ..." and "a security resolver 
operational" should be "the security resolver operational". Appropriate 
correction is required. 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to 
a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

7. Claims 13-18 and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Hind et al, US Patent No. 6772331 B1, hereinafter "Hind", in view of Dondeti 
et al, US Patent No. 6,263,435, hereinafter "Dondeti". 

a. As per claim 13: 

Hind discloses a networked computing device supporting branding to establish 
cryptographically secured interaction with other devices within a trust group of 
devices on an open-access network, the networked computing device 
comprising: 

a network interface for communicating on the open-access network, a 
security initializer operational to receive the branding public key from a 
branding device securely networked to the networked computing device, and 
further operational to initialize with the branding public key [(Col. 9 lines 25-40 
from Hind)]. 

Hind does not expressly disclose the remaining limitation of the claim. 
However, Dondeti discloses the security initializer further operational to 
initialize the security resolver with the branding certificate and wherein the 
branding certificate comprises branding key data for verifying certificates 
provided by other devices within the trust group on the open-access network 
[(lines 13-28, Col. 3 and lines 58-67, Col. 4 to lines 1-29, Col. 5 from 
Dondeti)]; 

a security resolver operational, after being initialized with the branding public 
key to authenticate trust group membership certificates separate from the 
branding certificate provided to the networked computing device from other 
devices via the network interface using the branding key data and to verify 
that the other devices providing trust group membership certificates are 
members of the trust group of devices [(lines 13-28, Col. 3; lines 1-29, Col. 5; 
Col 10 lines 18-29, Col 11 line 5 to Col 12 line 20 and Col 6 lines 10-55 
from Dondeti)], and further operational to inhibit interaction via the network 
interface with other devices not authenticated as in the trust group of devices, 
the security resolver being initially uninitialized [(Col 10 lines 18-29, and Col 
11 line 5 to Col 12 line 20 and Col 6 lines 10-55 from Dondeti)]; and 
the branding device having previously generated the branding public key and 
trust group membership certificates [(lines 14-29, Col. 5 from Dondeti)]. 

Therefore, it would have been obvious at the time the invention was made 
for one having ordinary skill in the art to modify Hind's invention to incorporate 
Dondeti's teaching to implement the group joining between group members 
without interposing a central authority. 

b. As per claim 14: 

Hind and Dondeti teach "The networked computing device of claim 13 further 
comprising: a limited access networking interface; and wherein the security 
initializer further is operational to accept the branding public key when 
received from the branding device only via the limited access networking 
interface" in (Col 11 lines 5-45). 

c. As per claim 15: 

Hind and Dondeti teach "The networked computing device of claim 13 
wherein: the security initializer further is operational to accept the branding 
public key when received from the branding device via the network interface 
when in an initial unbranded state; and the device further comprises a 
branding reset operational upon activation to return the security initializer to 
the initial unbranded state" in (Col 13 lines 35-43). 

d. As per claim 16: 

Hind and Dondeti teach "The networked computing device of claim 13 further 
comprising: a branding mode activator operational to place the networked 
computing device in a branding mode; and wherein the security initializer 
further operational to accept the branding public key when received from the 
branding device via the network interface when in the branding mode" in (Col 
11 lines 5-45). 

e. As per claim 17: 

Hind and Dondeti teach "The networked computing device of claim 13 
wherein: the security resolver further operational when initialized with a trust 
group membership certificate to provide the trust group membership 
certificate to other devices via the network interface to attest to membership 
of the networked computing in the trust group; and the security initializer 
further operational to receive the trust group membership certificate from the 
branding device while securely networked to the networked computing 
device, and further operational to initialize the security resolver with the trust 
group membership certificate" in (Col 9 lines 15-65, and Col 10 lines 24-30). 

f. As per claim 18: 

Hind and Dondeti teach "The networked computing device of claim 13 
wherein: the security resolver further operational when initialized with a 
public/private key pair to encrypt interaction via the network interface with 
other devices authenticated as in the trust group using the public/private key 
pair; and the security initializer is further operational to receive the 
public/private key pair from the branding device while securely networked to 
the networked computing device, and further operational to initialize the 
security resolver with the public/private key pair" in (Col 11 lines 5-65). 

g. As per claim 20: 

Dondeti discloses "The networked computing device of claim 13, wherein: 
Each trust group membership certificate is sent by an other device and each 
trust group membership certificates comprises: 

a signed name for a trust group (Group Name or group ID); 

a signed identifier (host public key, Host ID) for the other devices sending the 
trust group membership certificate" in (Figure 1, 3); and 

"The security resolver is configured to authenticate trust group membership 
certificates by: 

Authenticating, from the trust group membership certificate, the signed name 
for the trust group and the signed identifier for the other device sending the 
trust group membership certificate using the branding public key" in (Col 6 
lines 10-55); and 

"Wherein the signed name for a trust group matches the trust group, verifying 
that the other device sending the trust group membership certificate is a 
member of the trust group" in (Col 5 lines 1-20). 

Allowable Subject Matter 

8. Claims 2-12 and 21 are allowed. 

9. Claims 2 and 21 are allowable based on the Applicant's argument presented in 
the amendment dated 8/08/2007 and the limitations regarding the membership 
certificate and the signature-related items associated with it. 



Response to Arguments 

10. Applicant's amendment, filed on Jun. 02, 2008, has claims 13-18 amended. 
Claim 21 is newly added. All other claims are as original. 

11. Applicant's remark, filed on Jun. 02, 2008, argues that the amended Claim 13 
should be allowable since it contains similar limitation from already-allowable 
claim 2. 

12. Applicant's remark has been fully considered, but found not persuasive based on 
the reason below. 

Regarding Argument (1): 

In regard to Applicant's argument that the amended Claim 13 should be allowable 
since it contains similar limitation from already-allowable claim 2, Examiner 
respectfully disagrees with it. The newly added limitation, "a security initializer 
operational to receive a branding certificate from a branding device securely 
networked to the networked computing device, the branding device having 
previously generated the branding certificate and trust group membership 
certificates, the security initializer further operational to initialize the security 
resolver with the branding certificate and wherein the branding certificate 
comprises branding key data for verifying certificates provided by other devices 
within the trust group on the open-access network", after careful review and 
analysis of the prior art, it is found still taught by the combination of Hind 
reference and Dondeti reference. Please refer to Col. 9 lines 25-40 from Hind 
and lines 13-28, Col. 3; lines 58-67, Col. 4 to lines 1-29, Col. 5 from Dondeti. 

Applicant is reminded that additional modification to clarify the claim limitation 
regarding the membership certificate and its signed items from the 
security-uninitialized device is necessary for further consideration. 

Conclusion 

13. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. Langford et al. (U.S. Patent 6,266,420) disclose a method for securing 
group communications with reduced message overhead begins by 
initiating a secure group communication, where a group communication is 
secured based on security credentials of the group. The secured group 
communication is then provided to members of the group, where the 
secured group communication includes a secured message portion and 
an overhead portion based on the group, not each member. Each 
member of the group that receives the message determines that the 
secured message is group communication for its particular group. Each 
member then obtains at least a portion of the security credentials (e.g., the 
private decryption key) of the group to decrypt the secured group 
communication. 



14. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Y.C. Shaw whose telephone number is 
571-272-8593. The examiner can normally be reached on 9-6 (M-F). 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for 
the organization where this application or proceeding is assigned is 
571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR 
only. For more information about the PAIR system, see 
http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Application/Control Number: 09/882,491 
Art Unit: 2139 

Y.C. Shaw 
AU 2139 
Aug. 28, 2008 






/Kristine Kincaid/ 

Supervisory Patent Examiner, Art Unit 2139 



